Microsoft Using Bitcoin Blockchain for Decentralized Identity

Microsoft announced on May 13 a preview of a Sidetree-based DID network, called Identity Overlay Network (ION) on top of the Bitcoin blockchain. DIDs are decentralized identifiers, “a new type of identifier for verifiable, ‘self-sovereign’ digital identity.” DIDs are under the control of the individual and no centralized authority or identity provider can access them.

What is ION?

According to Microsoft’s Identity Division senior program manager, Daniel Buchner, “ION is a public, permission-less, open network anyone can use to create DIDs and manage their Public Key Infrastructure (PKI) state. ION is designed to deliver the scale required for a world of DIDs, while inheriting and preserving the attributes of decentralization present in the Bitcoin blockchain. The code for the ION reference node is still under rapid development, and there are many aspects of the protocol left to implement before it is ready for testing on Bitcoin mainnet.”

Buchner explained that their solution is still in its early stages, but is being shared as early as possible to begin a discussion with the community and encourage collaboration. In the coming months, he pointed out that they will be working with open source contributors to prepare for the public launch of the ION network on Bitcoin Mainnet.

As a DID network, ION, will enable users to have more control over their personal data, contributing to Microsoft’s vision for the future of decentralized identities.

Digital identities

This vision is based on the creation of “new types of digital identities, identities designed from the ground up to enhance personal privacy, security and control.”

For Microsoft, it is important “for individuals to own and control all elements of their digital identity.” Instead of giving consent to apps and services, sharing their personal data with third parties, individuals are given the opportunity with decentralized networks to store and secure their data through an “encrypted digital hub where they can store their identity data and easily control access to it.”

As Ankur Patel from Microsoft’s Identity Division, said: “Each of us needs a digital identity we own, one which securely and privately stores all elements of our digital identity. This self-owned identity must be easy to use and give us complete control over how our identity data is accessed and used.”

What does this mean?

Owning your own content and access is empowering. As Coindesk noted, bringing in the examples of Facebook and Airbnb, “if you log onto Airbnb using Facebook, a protocol deals with the software that sends the personal information from your social profile to that external service provider. In this case, Ion handles the decentralized identifiers, which control the ability to prove you own the keys to this data.” This means that with a DID, Facebook might be able to shut down your social media account, but you will still be the sole person that retains access to your personal details, including your personal photos.

While Facebook was invited to participate in Microsoft’s DID projects, they have declined, with a source telling Coindesk that “They’re going in a different direction that’s not as decentralized.”

Unlike Facebook, Microsoft is making DID standards the cornerstone of their business model. There is an interesting disagreement here regarding the use of blockchain technology, with one company supporting privacy and the other one aiming towards the monetization of personal data and less decentralization.

As Yorke Rhodes, a program manager on Microsoft’s blockchain engineering team, put it,“Facebook is the complete antithesis of consumer privacy. Their business model is based on the fact they can monetize data about you.”

Whether the issue here is also entwined with the kind of capitalism we want, an ethical or a corporate one that disregards consumer privacy, this is something to be fought by the businesses themselves and the ways they engage with decentralized systems.